5 Takeaways From Cisco’s Big Cybersecurity Report

Companies still use outdated technology, and hackers are using abandoned websites for their schemes.

Companies are still using outdated technology leaving them prone to cyber attacks, security researchers are losing their confidence, and hackers are making millions of dollars through so-called ransomware attacks.

These are some of the findings detailed in Cisco’s annual report on the state of cybersecurity based on research the company obtained from customers, outside security analysts, and its networking devices connected to the Internet.

Here’s five interesting takeaways from the big report:

1. Hackers love ransomware

Cisco’s CSCO0.79% latest security report confirms that recent ransomware attacks on hospitals, universities, and even some utility services, are on the rise. Using a type of malware known as ransomware, hackers can cut access to computer networks and systems and encrypt documents from victims until they receive payment. The report said that 9,515 people end up paying ransoms each month. The average ransom is $300 and hackers could make $34 million a year on ransomware attacks.

One way criminals pull off ransomware attacks is to create a fake website that contains a so-called Angler exploit kit. The Angler exploit kit essentially scans a person’s web browser to find security holes, and then transmits malware like the popular Cryptowall 3.0 and Bedep software that then locks down a person’s computer.

2. Adobe Flash is still bad for cybersecurity

Hackers continue to love using the Adobe Flash media player as a convenient way to penetrate computers because of its buggy nature and security holes. The report’s authors said that for 2016, “criminals are most likely to focus their exploits and attacks on Adobe Flash users,” and they expect hackers to continue exploiting Flash’s vulnerabilities for some time.

The good news is that with companies like GoogleGOOG3.07% and AmazonAMZN0.82%phasing out support for the media player in favor of newer technologies like the HTML5 coding language, attacks will likely decline over time.

3. Hackers are setting up shop in abandoned WordPress websites

WordPress is a popular web content management system that hosts millions of websites. But many of those millions of websites have been abandoned by their owners and haven’t been updated in years, leaving them prone to many security holes.

Now, hackers are infiltrating these abandoned websites more than ever and using the websites as tools for their attacks. The report said that “In WordPress sites, attackers can take control of a steady stream of compromised servers to create an infrastructure that supports ransomware, bank fraud, or phishing attacks.”

4. Companies with old, outdated technology are at risk of attacks

Businesses with legacy IT equipment and computer systems are at higher risks of security breaches because a lot of older IT technology wasn’t designed to thwart modern day attacks.

Cisco analyzed 115,000 Cisco devices like switches and routers currently being used by companies and found “that 106,000 of the 115,000 devices had known vulnerabilities in the software they were running.” These vulnerabilities leave the gear open to hackers who can gain access into corporate networks through antiquated gear with outdated software. The researchers also said that many of these devices “reached their last day of support” and are not able to receive security updates or patches to keep them protected.

5. Security teams are losing their confidence

Recent huge corporate hackings like the ones that wrecked Sony Pictures and health-insurer Anthem have hurt the confidence of modern security professionals. The report said that corporate security researchers in 2015 were not as confident that their security infrastructure was up-to-date as they were in 2014.

The sheer complexity of maintaining and operating corporate infrastructure means that it’s difficult to ensure that every bit of hardware and software is up-to-date and patched or upgraded. However, companies seem to be creating stronger security policies as a response, like creating formal, written security guidelines for their teams to follow as well as audits.